From 81c500892f6484b59ca03ae5646c627eed606c33 Mon Sep 17 00:00:00 2001
From: Tiago Yamamoto <japa@rede5.com.br>
Date: Tue, 17 Feb 2026 16:12:44 -0600
Subject: [PATCH] Move credenciais para Civo Object Storage vault

- Backup seguro em s3://rede5/vault/ssh/
- Remove pasta local credentials/
- Adiciona instrucoes de restauracao no CONNECTIONS.md
---
 CONNECTIONS.md         | 16 +++++++++++++++-
 credentials/.gitignore | 28 ----------------------------
 2 files changed, 15 insertions(+), 29 deletions(-)
 delete mode 100644 credentials/.gitignore

diff --git a/CONNECTIONS.md b/CONNECTIONS.md
index 430c9f5..e1deb0a 100644
--- a/CONNECTIONS.md
+++ b/CONNECTIONS.md
@@ -6,7 +6,7 @@ Documentacao completa de todas as conexoes utilizadas na infraestrutura Rede5.
 
 Todas as credenciais estao armazenadas em: `C:\Users\Administrator\.ssh\`
 
-Copia de backup no repositorio: `credentials/`
+Copia de backup segura no Civo Object Storage: `s3://rede5/vault/ssh/`
 
 ```
 .ssh/
@@ -26,6 +26,20 @@ Copia de backup no repositorio: `credentials/`
 └── app01-rabbitmq-beecare-origin # Beecare RabbitMQ
 ```
 
+### Restaurar Credenciais do Vault
+
+```bash
+# No servidor Echo
+s3cmd -c /tmp/s3-photum.cfg get -r s3://rede5/vault/ssh/ /root/.ssh/
+
+# Ou via scp do Civo Object Storage
+# Credenciais: access_key=0UZ69TH03Q292DMTB82B
+#              secret_key=JJ5XXZYvoWdnqBCNP5oREjACyrXeH6EgSqeSybT7
+# Endpoint: https://objectstore.nyc1.civo.com
+# Bucket: rede5
+# Pasta: vault/ssh/
+```
+
 ---
 
 ## 1. Cloudflare
diff --git a/credentials/.gitignore b/credentials/.gitignore
deleted file mode 100644
index eca6baf..0000000
--- a/credentials/.gitignore
+++ /dev/null
@@ -1,28 +0,0 @@
-# NAO COMMITAR CHAVES PRIVADAS
-# Este arquivo lista as credenciais que NAO devem ser enviadas para repositorios
-
-# Chaves privadas SSH
-lh-zeus
-civo
-bionexo
-github
-ic-ad
-forgejo-gohorsejobs
-forgejo-gru
-app01-rabbitmq-beecare-origin
-
-# Tokens com senhas
-absam-db-novo
-absam-token
-cloudflare-token
-coolify-redbull-token
-github-token
-civo-object-storage
-cpanel-valueserver
-
-# Known hosts
-known_hosts
-known_hosts.old
-
-# Authorized keys
-authorized_keys